PT-2023-29470 · Huddly · Huddlycameraservice

Henrik Pedersen

Publicado

2023-12-01

Atualizado

2023-12-20

CVE-2023-45252

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Huddly HuddlyCameraService versions prior to 8.0.7, excluding version 7.99

Description The issue allows attackers to manipulate files, execute arbitrary code, and escalate privileges due to the installation of the service in a directory that grants write privileges to standard users.

Recommendations For versions prior to 8.0.7, excluding version 7.99, update to version 8.0.7 or later to resolve the issue.

Exploit

Correção

Uncontrolled Search Path Element

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-427

Identificadores relacionados

CVE-2023-45252

Produtos afetados

Huddlycameraservice

PT-2023-29470 · Huddly · Huddlycameraservice

CVE-2023-45252

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 10